Sandbox environments, also known as sandbox applications, are testing environments that isolate untested code changes, experimentation or potentially unstable processing requests from the rest of the productive environment of a computing system.
Sandboxing protects many aspects of a computational system that may be at risk from untested or unstable code, including hardware, active servers and their data and other collections of code, data and/or content. Untested or unstable code could induce damaging changes (inadvertent or intentional) to critical systems, or could simply cause changes that would be difficult to revert. In this case, a sandbox environment may be implemented as an application to run the potentially harmful code or processing request. Generally, sandboxes replicate at least the minimal functionality needed to accurately test the programs or processing requests.
System memory run by the processor is generally divided into two distinct “regions”: kernel space and user space. The kernel space is where the core of the operating system runs and where the processor generally runs processes such as input/output device controllers (for running peripheral devices such as a monitor or a keyboard). User space is that set of memory locations in which user processes run, such as applications and executing programs. Communication between the user space and the kernel space is performed through system calls.
In order to run a sandbox environment on a computer-implemented system, a software application or similar set of commands must be created or downloaded from an external source. For each instance of the sandbox environment, the computer-implemented system also needs to initiate a new sandbox environment process. This will use system resources and power just to open the new sandbox environment, before any processing in the sandbox environment has occurred.